Mac malware signed with Apple ID infects activist’s laptop

Stealthy Mac OS X spyware that was digitally signed with a valid Apple Developer ID has been detected on the laptop of an Angolan activist attending a human rights conference, researchers said. The backdoor, which is programmed to take screenshots and send them to remote servers under the control of the attackers, was spread using a spear phishing e-mail, according to privacy activist Jacob Appelbaum. Spear phishing is a term for highly targeted e-mails that address the receiver by name and usually appear to come from someone the receiver knows. The e-mails typically discuss topics the two people have talked about before. According to AV provider F-Secure, the malware was discovered during a workshop showing freedom of speech activists how to secure their devices against government monitoring. The malware was signed with a valid Apple Developer ID, allowing it to more easily bypass the Gatekeeper feature Apple introduced in the Mountain Lion version of OS X. If it’s not the first time Mac malware has carried such a digital assurance, it’s certainly among the first. Both F-Secure and Appelbaum said the backdoor, identified as OSX/KitM.A, is new and previously unknown. For its part, AV provider Intego said the malware is a variant of a previously seen trojan known as OSX/FileSteal. Intego continued:


“SpecialisRevelio!” Macs use Harry Potter spell to unlock secret “backdoor”

The Mac on your desk or on the cafe table next to you has a chip with secret functions that can be unlocked only by inputting a spell from the Harry Potter series. The SMC, or system management controller, is a chip used to regulate a Mac’s current and voltage, manage its light sensor, and temporarily store FileVault keys. Turns out that the SMC contains undocumented code that is invoked by entering the word “SpecialisRevelio,” the same magic words used to reveal hidden charms, hexes, or properties used by wizards in the Harry Potter series written by author J. K. Rowling. That fun fact was presented Wednesday at the NoSuchCon security conference by veteran reverse engineer Alex Ionescu. While most details are far too technical for this article, the gist of the research is that the SMC is a chip that very few people can read but just about anyone with rudimentary technical skills can “flash” update. Besides displaying the Apple engineers’ affinity for Harry Potter, Ionescu’s tinkerings also open the door to new types of hacks. But don’t worry because they’re mostly the fodder for a hacking scene in a James Bond or Mission Impossible screenplay. “The attacks discussed in my presentation are attacks that likely only a nation-state adversary would have the sufficient technical knowledge to implement, and they require precise knowledge of the machine that is being targeted,” Ionescu, who is chief architect at security firm CrowdStrike, wrote in an e-mail to Ars. “They are perfect, for example, at a border crossing where a rogue country may need to ‘take a quick look at your laptop’ to ‘help prevent terrorism.’ I don’t suspect most Mac users (and certainly not those that read Ars or other similar publications) would be at a high-profile enough level to warrant such level of interest from another state.”


Obama orders agencies to make data open, machine-readable by default

Alpha.data.gov, an experimental data portal created under the White House’s Open Data Initiative. (Image: Data.gov)

President Barack Obama issued an executive order today that aims to make “open and machine-readable” data formats a requirement for all new government IT systems. The order would also apply to existing systems that are being modernized or upgraded. If implemented, the mandate would bring new life to efforts started by the Obama administration with the launch of Data.gov four years ago. It would also expand an order issued in 2012 to open up government systems with public interfaces for commercial app developers. “The default state of new and modernized Government information resources shall be open and machine readable,” the president’s order reads. “Government information shall be managed as an asset throughout its life cycle to promote interoperability and openness, and, wherever possible and legally permissible, to ensure that data are released to the public in ways that make the data easy to find, accessible, and usable.” The order, however, also requires that this new “default state” protect personally identifiable information and other sensitive data on individual citizens, as well as classified information.

Broadening the “open” mandate

The president’s mandate was initially pushed forward by former Chief Information Officer of the United States Vivek Kundra. In May of 2009, Data.gov launched with an order that required agencies to provide at least three “high-value data sets” through the portal.


Network Solutions seizes over 700 domains registered to Syrians

While Syria’s Internet connection is back up, many of the sites hosted in Damascus have lost their domain names. As Brian Krebs of Krebs on Security reports, the domain registrar Network Solutions LLC has taken control of 708 domain names in the .com, .org, and .net top-level domains registered to Syrian organizations. The organizations affected by the seizure include the state-supported hacker group Syrian Electronic Army. Usually when there’s a domain name seizure, it’s the work of government agencies like Immigration and Customs Enforcement or the FBI, or domains are shut down with the help of US Marshals as part of a court-sanctioned seizure related to malware. But in this case, Network Solutions appears to have seized the domains in question without coordinating with federal authorities, though its action was guided by federal regulations—domain name registration is one of the services explicitly banned in US trade sanctions enacted against Syria last year. Network Solutions has marked the seized domains with the notation “OFAC Holding,” indicating they were taken over in accordance with regulations promulgated by the Department of the Treasury’s Office of Foreign Assets Control, a unit of Treasury’s Office of Terrorism and Financial Intelligence. The vast majority of the seized domains were pointed at IP addresses assigned to the Syrian Computer Society. As we’ve reported previously, Syrian President Bashar al-Assad, who was an Army doctor and ophthalmologist before being groomed to take over for his father, was head of the Syrian Computer Society in the 1990s. He became president in 2000. The Syrian Computer Society acts as Syria’s domain registration authority and regulates the Internet within Syria, and is also believed to be connected to Syria’s state security apparatus.
The Syrian Computer Society registered .sy domain names for the Syrian Electronic Army’s servers, giving the hacker group a national-level domain name (sea.sy) rather than a .com or other non-government address, signifying its status as at least a state-supervised operation.


AT&T opens trade-in program for old smartphones

AT&T is now accepting smartphone trade-ins as vouchers toward new phone purchases on its network, according to a press release from the company on Monday. Customers who bring in old smartphones can receive “at least $100” off of a new smartphone. Even better, the discounts are stackable, even off-contract. In the event that customers are looking to get a new phone that costs $99.99 or less, a traded-in smartphone will get them that phone for free. Trade-ins can be valued at more than $100 and can be applied immediately to an in-store purchase. Customers may also opt to trade their phone in online, though they will have to wait four weeks for approval and their “Promotion Card” to come in the mail with the credit. In the press release, AT&T does not explicitly state whether the credits apply only to phones that are purchased on a new two-year contract or whether the credits are able to be applied to off-contract purchases. Still, the language of the press release seems to favor that scenario and an AT&T spokesperson told Ars that the trade-in discounts do stack and do not require a new contract. So if you bust up your current phone but complete a scavenger hunt for five functioning old smartphones, you might save yourself a little money.


Original iPhone to go the way of the dodo on June 11, 2013

Oh original iPhone, we’ll miss you. Roughly six years after its public launch, the original iPhone is about to become obsolete—at least in Apple’s eyes. Apple reportedly sent out internal documentation to its support partners, which was then passed on to 9to5Mac, detailing which of its products would no longer be considered current or recent devices as of June 11, 2013. The list doesn’t just include the original iPhone, though: it also includes a number of older iMacs, MacBook Pros, Xserves, and PowerBooks. According to the document, products that are considered obsolete—or perhaps for a more tasteful term, “vintage”—cannot be repaired or receive replacement parts unless they’re in the state of California, “as required by statute.” Californians can continue to get service and parts for their obsolete items through Apple retail stores, but the rest of us are pretty much out of luck. Apple notes that obsolete or vintage products can’t be serviced as mail-in repairs to AppleCare, either. This is pretty standard procedure for Apple; the other products in the list are about as old as the original iPhone, and some of them are even older (there’s a Mac mini on the list from 2005, and don’t even get us started on PowerBooks). All we know is that if you’re still actively using an original iPhone, you must have an amazing tolerance for outdated software and slow hardware. Good on you, but perhaps it’s time to think about an upgrade.


Linux 3.9 brings SSD caching and drivers to support modern PCs

Linux creator Linus Torvalds last night announced the release of version 3.9 of the kernel. Available for download at kernel.org, Linux 3.9 brings a long list of improvements to storage, networking, file systems, drivers, virtualization, and power management. H-Online editor Thorsten Leemhuis has an excellent rundown of what’s new in Linux 3.9. One new feature, listed as “experimental,” allows SSDs to act as caches for other storage devices. “This feature is able to speed up data writes, as it allows the faster SSD to first cache data and then, in a quiet moment, transfer it to the slower hard drive,” Leemhuis wrote. Linux maintainers have also done some driver work that might improve the sometimes questionable support for desktops and laptops. New drivers include support for Intel 802.11ac Wi-Fi components, as well as trackpads used in Samsung’s ARM-based Chromebook and the Dell XPS 13 Developer Edition Ultrabook. The kernel’s driver for AMD Radeon graphics chips was updated to support Oland chips in the 8500 and 8600 Series Radeon video cards, in addition to AMD’s forthcoming Richland chips. The driver code for HD audio codecs is also now “leaner and more robust.”


Man accused of placing GPS device on victim’s car before burglarizing her home

A burglary suspect currently on trial in Johnson County, Kansas allegedly put a GPS tracking device on a victim’s car to determine whether anyone was home. The victim, an unnamed Overland Park woman, told her story to the Kansas City Star on Friday. Overland Park police, Leawood police, and Johnson County prosecutors declined to comment on the GPS allegation to the newspaper. According to the Star, the suspect, Steven Alva Glaze, allegedly burglarized the woman’s home on March 25. The victim owns a jewelry business in the Kansas City suburb. Glaze is now on trial for 14 counts of criminal damage to property, theft, attempted burglary, and burglary for the alleged crimes. The use of GPS tracking devices surreptitiously installed on cars recalls the famous Jones v. United States case, in which the Supreme Court unanimously ruled in 2012 that law enforcement does not have the authority to warrantlessly place a device on a criminal suspect’s vehicle. However, the use of GPS by criminal suspects to track victims still seems to be quite rare.


Google didn’t comply with Argentina’s request to remove NSFW video of president

In a newly released dataset covering the second half of 2012, Google reports a record number of total government requests worldwide to remove content from the company’s sites and services. As usual, under the “Notes” section, Google provides some potentially humorous insight on why governments want certain content to be removed. Google noted wryly: “We received a request [from Argentina] to remove a YouTube video that allegedly defames the [Argentine] President by depicting her in a compromising position. We age-restricted the video in accordance with YouTube’s Community Guidelines.” It didn’t take us long to find the video in question, by the Miami-based Argentine-Venezuelan rock band The Rockadictos. The band’s September 2012 music video (genuinely NSFW) depicts a CGI version of the Argentine president, Cristina Fernández de Kirchner, engaging in lewd behavior.


FBI denied permission to spy on hacker through his webcam

Sorry FBI, you can’t randomly hijack someone’s webcam. (Image: Stefano Maffei)

A federal magistrate judge has denied (PDF) a request from the FBI to install sophisticated surveillance software to track someone suspected of attempting to conduct a “sizeable wire transfer from [John Doe’s] local bank [in Texas] to a foreign bank account.” Back in March 2013, the FBI asked the judge to grant a month-long “Rule 41 search and seizure warrant” of a suspect’s computer “at premises unknown” as a way to find out more about these possible violations of “federal bank fraud, identity theft and computer security laws.” In an unusually public order published this week, Judge Stephen Smith slapped down the FBI on the grounds that the warrant request was overbroad and too invasive. In it, he gives a unique insight as to the government’s capabilities for sophisticated digital surveillance on potential targets. According to the judge’s description of the spyware, it sounds very similar to the RAT software that many miscreants use to spy on other Internet users without their knowledge. (Ars editor Nate Anderson detailed the practice last month.)
